
Authentication in Networks
Advanced Network Security
Peter Reiher, August 2014

Outline
- The basic authentication problem
- Authentication options for networks
- Practical authentication in the Internet

Authentication in a Network
(Slide diagram: the subject sends "I'm Bill!" across the network to the authenticator.)
How can the authenticator be sure that the subject really is Bill?

Issues to Consider
- The parties can only use the network to communicate
  - Implying that authentication works using bit patterns
- Bits are easy to copy
- Networks can be eavesdropped upon
- No inherent guarantee that the next packet is related to the last packet
  - Must we authenticate each packet?

Authentication Options
Authentication is usually performed in one of three ways:
- Authenticate by what you know
- Authenticate by what you have
- Authenticate by what you are
How well do these work in network settings?

Authentication By What You Know
- Passwords
- Cryptographic keys
- Security question responses
Usually, the authenticating entity asks for some knowledge
- The subject must provide the right knowledge

How It Works in a Network
(Slide diagram, subject and authenticator communicating across the network:)
  Subject: "I'm Bill!"
  Authenticator: "Prove it!"
  Subject: "OK, here's Bill's secret"
  Authenticator: if it's the right secret, "BILL!"

Potential Problem #1
Attackers might guess the secret
(Slide diagram: the attacker sends "I'm Bill!", thinks "I wonder what Bill's secret might be . . . Maybe it's . . .", sends "And here's my secret", and the authenticator answers "BILL!")

What Does This Mean?
- The secret must be unguessable
  - Neither simple nor obvious
- Bad examples:
  - Short passwords
  - Something openly related to the subject's identity (like his name)

Potential Problem #2
Eavesdroppers can overhear and replay the secret
(Slide diagram: the subject sends "I'm Bill!", the authenticator says "Prove it!", the subject sends "OK, here's Bill's secret" and is accepted with "BILL!"; an eavesdropper on the network captures Bill's secret, later sends "I'm Bill!" and "And here's my secret", and is also accepted with "BILL!")

What Does This Mean?
- Either the attacker must be unable to eavesdrop
  - Which may be true, but can be impossible to guarantee
- Or he must be unable to use what he hears
- How to achieve the latter?
  - Proper crypto

What Do We Mean By "Proper Crypto"?
- Not just a strong cipher (e.g., AES)
- But also something that cannot be replayed
- If the attacker can copy and replay the encrypted secret, crypto didn't help

Improper Crypto
(Slide diagram: the same exchange as before, but Bill's secret is sent encrypted; the eavesdropper captures the encrypted authentication information, replays it after "I'm Bill!" / "Prove it!", and the authenticator accepts with "BILL!")
The stolen encrypted authentication information decrypts to the secret!

How Do We Solve the Problem?
- Use a different crypto key each time
  - Making sure only the real Bill could have it
- Or use the same key, but include a different nonce
- Either way, require "Bill" to encrypt his secret differently each time

The General Problem for Network Authentication
- If you authenticate by what you know
  - You'd better make sure no one else knows it
- Which means asking for something different each time
  - Different piece of knowledge
  - Different encryption of the same piece

Authentication by What You Have
- Certificates
- Security tokens of various sorts
- Challenge is you must prove possession across a network
  - Unlike in person, when you can just show the item (e.g., passport)

How It Works in a Network
(Slide diagram:)
  Subject: "I'm Bill!"
  Authenticator: "Prove it!"
  Subject: "OK, here's proof that I have the special item"
  Authenticator: if the proof is sufficiently convincing . . . "BILL!"
Note the similarity to the previous approach!

What's the Same? What's Different?
- The authenticator gets a bunch of bits over the network
  - If they're right, he authenticates
- What's different?
  - How the bits get created
  - That's where we can improve things

How Should This Work?
- The weakness of authentication by what you know was the secret
  - If the secret got out, the authentication failed
- What if it's a different secret every time?
  - No problem with eavesdropping
  - No replay issues
- Authenticating by what you have helps if the item generates new bits every time

Generating New Bits
- Typically requires an active computing device
  - Something with memory and processing capability
- On each request, it generates a fresh response
- The authenticator must be able to check the response for correctness

How To Generate the New Bits?
- Challenge/response
  - The authenticator sends a random number
  - The device encrypts it with its secret key
  - The authenticator checks the encryption
- Hash chains
  - The device generates new bits using a cryptographic hash of the last set of bits
  - The authenticator determines if the bits are the next in the chain

Some Difficulties
- The authenticator must share a secret with the device
  - Unless you use PK
  - But still requires pre-arrangement
- Problems if the hash chain gets out of sync with the authenticator
  - Solvable using clocks, instead of sequence
  - Requires rough clock synchronization
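The two "new bits" mechanisms above (challenge/response with a fresh nonce, which is also the replay fix from "How Do We Solve the Problem?", and a hash chain whose next link the authenticator checks) as an added example, not code from the slides. It assumes a keyed HMAC in place of "encrypt the random number with its secret key", the standard Lamport-style chain in which each revealed value is the preimage of the last accepted one, and a constructed shared key and seed; a replayed response, and a chain value that skips ahead (the out-of-sync case from "Some Difficulties"), are both rejected.

```python
import hashlib
import hmac
import os

# Constructed shared secret, pre-arranged between Bill's device and the authenticator.
SHARED_KEY = b"constructed-example-key-for-bills-device"


class ChallengeResponseAuthenticator:
    """Sends a fresh random challenge; accepts only a keyed MAC over that challenge."""

    def __init__(self, key: bytes) -> None:
        self.key = key
        self.outstanding = set()  # challenges issued and not yet answered

    def challenge(self) -> bytes:
        nonce = os.urandom(16)  # the "random number" the authenticator sends
        self.outstanding.add(nonce)
        return nonce

    def verify(self, nonce: bytes, response: bytes) -> bool:
        if nonce not in self.outstanding:  # replayed, already answered, or never issued
            return False
        self.outstanding.discard(nonce)  # one answer per challenge, right or wrong
        expected = hmac.new(self.key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def device_respond(key: bytes, nonce: bytes) -> bytes:
    """Device side: HMAC(key, nonce) stands in for 'encrypt the challenge with its key'."""
    return hmac.new(key, nonce, hashlib.sha256).digest()


def make_hash_chain(seed: bytes, length: int) -> list:
    """chain[0] = seed, chain[i] = H(chain[i-1]). The authenticator holds chain[-1];
    the device reveals chain[-2], chain[-3], ... one per authentication."""
    chain = [seed]
    for _ in range(length):
        chain.append(hashlib.sha256(chain[-1]).digest())
    return chain


class HashChainAuthenticator:
    """Accepts a value v only if H(v) equals the last accepted value (the chain tip)."""

    def __init__(self, tip: bytes) -> None:
        self.tip = tip

    def verify(self, value: bytes) -> bool:
        if hashlib.sha256(value).digest() != self.tip:
            return False  # not the next link: wrong device, replay, or out of sync
        self.tip = value  # advance the tip so this value cannot be replayed
        return True
```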

Weakness of the Approach
- Loss of the special device makes it impossible to authenticate
- Theft of the device may allow the thief to improperly authenticate
- Must pre-arrange to have the authentication device in users' hands

An "Engineering" Approach
- Use a smart phone instead of a security token
  - Most people have smart phones
  - They have compute, storage, and communications capabilities
  - They also have a unique number (telephone number) that contacts them (maybe . . .)
- Authenticate by asking an app on the smart phone to handle challenge/response
- Solves some problems, adds others

Authentication By What You Are
- Prove your identity with biometrics
  - Fingerprints, face recognition, retinal scans, etc.
- Provide that information to the authenticator
  - He checks against a stored version

How It Works in a Network
(Slide diagram:)
  Subject: "I'm Bill!"
  Authenticator: "Prove it!"
  Subject: "OK, here's my fingerprint information"
  Authenticator: if it's a good match for Bill's known fingerprint information . . . "BILL!"
Note the similarity to the previous approaches!

Biometrics and Networks
- Not a particularly good match
- The biometric information is converted to bits and sent across the network
- The receiver has no idea how the bits were created
  - Fresh biometric reading?
  - Saved version of a previous reading?
  - Stolen copy of a reading?

Biometrics and Non-Human Authentication
- Biometrics can't be used to authenticate computers or programs
  - Only people (or perhaps animals)
- Maybe there are some characteristics of computers that are similar
  - Maybe not
  - A question for research

A Common Issue for Network Authentication
- Ultimately, you're getting a bundle of bits packaged in one or more packets
- It's hard to guarantee how the bits were created
- It's easy to copy bundles of bits
- Whatever authentication mechanism is used, it must handle that problem